﻿<?php
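try {
    // Change-password endpoint. Expects a JSON request body with "user",
    // "pwd" (current password) and "newpwd". Emits nothing on success; on any
    // failure it answers with a JSON {"error": ...} document (see the catch).
    $entity = json_decode(file_get_contents('php://input'));

    // The body is attacker-controlled: it may be invalid JSON, lack fields, or
    // carry arrays/objects where strings are expected. Normalise every field
    // to a string first; anything unusable becomes '' and is rejected by the
    // character-set rule below with the same message a missing field got before.
    $fields = array();
    foreach (array('user', 'pwd', 'newpwd') as $key) {
        $raw = (is_object($entity) && isset($entity->$key)) ? $entity->$key : null;
        $fields[$key] = (is_string($raw) || is_int($raw)) ? (string) $raw : '';
    }
    $user = $fields['user'];
    $pwd = $fields['pwd'];
    $newpwd = $fields['newpwd'];

    // Validation rules, checked in order; the first failure wins.
    // preg_match() replaces eregi(), which was removed in PHP 7. The \A...\z
    // anchors match the whole string only, so a trailing newline is rejected
    // (a bare `$` would accept it).
    $rules = array(
        array($user, '/\A[a-zA-Z0-9_]+\z/', "用户名必须用字母、数字或者下划线组成"),
        array($user, '/\A[a-zA-Z0-9_]{4,20}\z/', "用户名长度应该在4-20位"),
        array($pwd, '/\A[a-zA-Z0-9_]+\z/', "密码不合法！必须用字母、数字或者下划线组成"),
        array($pwd, '/\A[a-zA-Z0-9_]{6,18}\z/', "密码长度应该在6-18位"),
        array($newpwd, '/\A[a-zA-Z0-9_]+\z/', "新密码不合法！必须用字母、数字或者下划线组成"),
        array($newpwd, '/\A[a-zA-Z0-9_]{6,18}\z/', "新密码长度应该在6-18位"),
    );
    foreach ($rules as $rule) {
        list($value, $pattern, $message) = $rule;
        if (preg_match($pattern, $value) !== 1) {
            throw new Exception($message);
        }
    }

    // Make mysqli raise exceptions on every PHP version, so that failures are
    // handled in one place and raw driver messages never reach the client.
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

    $db = null;
    $credentialsOk = false;
    $dbFailed = false;
    try {
        // Adjust the database connection settings here.
        // NOTE(review): the credentials are hard-coded in a web-served file;
        // load them from configuration kept outside the document root.
        $db = new mysqli('localhost', 'celes', '12345', 'sldb');

        // Prepared statements keep the request values out of the SQL text, so
        // query safety no longer depends on the validation rules above.
        // NOTE(review): passwords are stored and compared as plain text.
        // Moving to password_hash()/password_verify() needs a schema and data
        // migration, so it is flagged here rather than changed.
        // NOTE(review): with a case-insensitive column collation this equality
        // also matches passwords differing only in letter case - confirm the
        // collation of useraccount.Password.
        $check = $db->prepare('select 1 from useraccount where Account=? and Password=?');
        $check->bind_param('ss', $user, $pwd);
        $check->execute();
        $check->store_result();
        $credentialsOk = $check->num_rows > 0;
        $check->close();

        if ($credentialsOk) {
            $update = $db->prepare('update useraccount set Password=? where Account=?');
            $update->bind_param('ss', $newpwd, $user);
            $update->execute();
            $update->close();
        }
    } catch (mysqli_sql_exception $dbError) {
        // Keep the details in the server log; the client only gets the
        // generic "unknown reason" message below.
        error_log('change-password: database error: ' . $dbError->getMessage());
        $dbFailed = true;
    }

    // Single close point for both the success and the failure path.
    if ($db instanceof mysqli) {
        $db->close();
    }

    if ($dbFailed) {
        // Failure: connection, query or update error.
        throw new Exception("修改密码失败，原因未知");
    }
    if (!$credentialsOk) {
        // NOTE(review): nothing visible in this file throttles repeated
        // attempts; rate limiting or lockout should be enforced in front of it.
        throw new Exception("修改密码失败，用户名或密码错误");
    }
    // Success: nothing is written to the response body.
}
catch(Exception $e) {
    // Every failure is reported as HTTP 500 with a JSON error message.
    // NOTE(review): validation and credential failures are client errors; a
    // 4xx status would keep them out of server-error monitoring, but clients
    // may depend on the current code - confirm before changing.
    // NOTE(review): if this file is saved with a UTF-8 byte-order mark before
    // the opening tag, that output can stop these headers from being sent.
    header("Content-Type: application/json");
    http_response_code(500);
    echo json_encode(array("error" => $e->getMessage()));
}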

?>
